mirror of
https://github.com/genodelabs/genode.git
synced 2025-04-07 19:34:56 +00:00
* differentiates request types that were merged formerly per module; e.g.
  instead of type Superblock_control::Request, there are now types
  * Superblock_control::Read_vbas
  * Superblock_control::Write_vbas
  * Superblock_control::Rekey
  * Superblock_control::Initialize
  * ...
  each holding only the state and functionality that is required for exactly
  that request
* removes all classes of the Tresor module framework and adapts all Tresor- and
  File-Vault- related libs, apps, and tests accordingly
* the former "channel" state is merged into the new request types, meaning, a
  request manages no longer only the "call" to a functionality but also the
  execution of that functionality; every request has a lifetime equal to the
  "call" and an execute method to be driven forward
* state that is used by a request but has a longer lifetime (e.g. VFS file
  handles in Tresor::Crypto) is managed by the top level of the user and handed
  over via the execute arguments; however, the synchronization of multiple
  requests on this state is done by the module (e.g. Tresor::Crypto)
* requests are now driven explicitly as first argument of the (overloaded)
  execute method of their module; the module can, however, stall a request by
  returning false without doing anything (used for synchronization on resources)
* introduces Request_helper, Generated_request and Generatable_request in the
  Tresor namespace in order to avoid the redundancy of sub-request generation
  and execution
* moves access to Client-Data pointers up to Tresor::Virtual_block_device in
  order to simplify Tresor::Block_io and Tresor::Crypto
* removes Tresor::Client_data and introduces pure interface
  Client_data_interface in order to remove Tresor::Client_data and move
  management of Client Data to the top level of a Tresor user
* introduces pure interface Crypto_files_interface in order to move management
  of Crypto files to the top level of a Tresor user
* moves management of Block-IO and Trust-Anchor files to the top level of a
  Tresor user
* adapts all execute methods, so, that they return the progress state instead
  of modifying a reference argument
* removes Tresor::Request_and Tresor:Request and instead implements scheduling
  at the top level of the Tresor user
* the Tresor Tester uses a list as schedule that holds Command objects; this
  list ensures, that commands are started in the order of configuration;
  the Command type is a merge of the state of all possible commands that can be
  configured at the Tresor Tester; the actual Tresor requests (if any) are then
  allocated on-demand only
* the Tresor VFS plugin does not use a dynamic data structure for scheduling;
  the plugin has 5 members that each reflect a distinct type of operation:
  * initialize operation
  * deinitialize operation
  * data operation
  * extend operation
  * rekey operation
  consequently, of each type, there can be only one operation in-flight at a
  time; at the user front-end each operation (except "initialize") can be
  controlled through a dedicated VFS file; for each of these files, the VFS
  expects only one handle to be open at a time and only one file operation
  (read, write, sync) active at a time; once an operation gets started it is
  finished without preemption (except for the interleaving at rekey and extend);
  when multiple operations are waiting to be started the plugin follows a
  static priority scheme:

    init op > deinit op > data op > extend op > rekey op

  there are some operation-specific details
  * the initialize operation is started only by the plugin itself on startup
    and will be driven as side effect by subsequent user calls to file
    operations
  * the data file is the only contiguous file in the front end and the file
    operations work as on usual data files
  * the other 3 files are transactional files and the user is expected to
    follow this scheme when operating on them
    1) stat (to determine file size)
    2) seek to offset 0
    3) read entire file once (this will be queued until there is no operation
       of this type pending anymore and return the last result:
       "none" | "failed" | "succeeded"; used primarily for synchronization)
    4) write operation parameters (this returns immediately and marks the
       operation as "requested")
    5) read entire file once (the same as above but this time in order to
       determine the operation result)
  * the rekey op and deinitialize op are requested by writing "true"
  * the extend op is requested by writing "tree=[TREE], blocks=[BLOCKS]" where
    TREE is either "vbd" or "ft" and BLOCKS is the number of physical 4K blocks
    by which the physical range of the tresor container expands (the physical
    range always starts at block address 0 and is always expanded upwards)
* replaces the former <trust-anchor op="initialize"> command at the Tresor
  Tester with <initialize-trust-achor> as there are no other trust anchor
  operations that can be requested through the Tester config anyway
* removes the "sync" attribute from all commands at the Tresor Tester except
  from <request op="rekey">, <request "extend_ft">, <request op="extend_vbd">;
  as the Tester controls scheduling now, requests are generally synchronous; at
  the rekeying and extension commands, the "sync" attribute determines whether
  subsequent commands are interleaved with the execution of these commands (if
  possible)
* removes "debug" config attribute from Tresor VFS plugin and reworks "verbose"
  attribute to generate more sensible output
* removes NONCOPYABLE macro and instead uses Genode::Noncopyable and in-place
  Constructors deletion
* introduces types Attr and Execute_attr where a constructor or execute method
  have many arguments in order to raise readability
* renames the "hashsum" file that is provided by the Tresor Trust-Anchor VFS
  plugin to "hash" in order to become conformant with the wording in the Tresor
  lib
* makes the VFS Tresor test an automated test by merging in the functionality
  of vfs_tresor_init.run and removing the interactive front end; removes
  vfs_tresor_init.run as it is not needed anymore; adds consideration for
  autopilot file structure in the Test and adds it to autopilot.list
* removes all snapshot controls and the progress files for rekeying and
  extending from the Tresor VFS plugin; both functionalities were tested only
  rudimentary by the VFS Tresor test and are not supported with the only real
  user, the File Vault
* use /* .. */ instead of // ..
* use (..) instead of { .. } in init lists

Ref #5148
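
The extend request string described in the commit message above is input that a client writes into a control file, so it should be accepted only in exactly the stated form. The following strict parser is an added example, not code from the commit or from the Tresor code base; the type and function names are hypothetical, and rejecting a zero block count, trailing bytes, and counts whose size in bytes would overflow 64 bits are assumptions of this sketch.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>

/* hypothetical names for this example, not Tresor identifiers */
enum class Tree { VBD, FT };
struct Extend_request { Tree tree; std::uint64_t blocks; };

static constexpr std::uint64_t BLOCK_SIZE = 4096; /* "physical 4K blocks" */

/* strip 'prefix' from the front of 's', return false if it is not there */
static bool eat(std::string &s, std::string const &prefix)
{
	if (s.compare(0, prefix.size(), prefix) != 0) return false;
	s.erase(0, prefix.size());
	return true;
}

/* strict parse of "tree=[TREE], blocks=[BLOCKS]", 'out' is valid only on true */
bool parse_extend(std::string s, Extend_request &out)
{
	if (!eat(s, "tree=")) return false;
	if      (eat(s, "vbd")) out.tree = Tree::VBD;
	else if (eat(s, "ft"))  out.tree = Tree::FT;
	else return false;
	if (!eat(s, ", blocks=") || s.empty()) return false;

	/* assumption: largest count whose size in bytes still fits 64 bits */
	std::uint64_t const max_blocks = UINT64_MAX / BLOCK_SIZE;
	std::uint64_t blocks = 0;
	for (char c : s) {
		if (c < '0' || c > '9') return false; /* no sign, space, newline */
		std::uint64_t const digit = (std::uint64_t)(c - '0');
		if (blocks > (max_blocks - digit) / 10) return false; /* overflow */
		blocks = blocks * 10 + digit;
	}
	if (blocks == 0) return false; /* assumption: empty extension is an error */
	out.blocks = blocks;
	return true;
}

std::uint64_t extension_bytes(Extend_request const &r) { return r.blocks * BLOCK_SIZE; }

int main()
{
	Extend_request r { };
	bool const ok = parse_extend("tree=vbd, blocks=8", r); /* constructed input */
	std::printf("ok=%d bytes=%llu\n", ok, (unsigned long long)extension_bytes(r));
	return ok ? 0 : 1;
}
```
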

                      ===============================
                      Genode source-code repositories
                      ===============================


This directory contains the source-code repositories of the Genode OS
Framework. Each sub directory has the same principal layout as described in the
build-system manual:

:Build-system manual:

  [https://genode.org/documentation/developer-resources/build_system]

The build system uses a configurable selection of those repositories to obtain
the source codes for the build process. The repositories are not independent
but build upon each other:

:'base':

  This directory contains the source-code repository of the fundamental
  frameworks and interfaces of Genode. Furthermore, it contains the generic
  parts of core.

:'base-<platform>':

  These directories contain platform-specific source-code repositories
  complementing the 'base' repository. The following platforms are supported:

  :'hw':
    The hw platform hosts Genode on a custom microkernel specifically
    developed for Genode. The name "hw" denotes that Genode is executed on
    bare hardware without a 3rd-party kernel underneath.

  :'linux':
    Linux kernel (both x86_32 and x86_64)

  :'nova':
    NOVA hypervisor ([https://hypervisor.org])

  :'foc':
    Fiasco.OC is a modernized version of the Fiasco microkernel with a
    completely revised kernel interface fostering capability-based
    security. It is not compatible with L4/Fiasco.

  :'okl4':
    OKL4 kernel (x86_32 and ARM) developed at Open-Kernel-Labs.

  :'pistachio':
    L4ka::Pistachio kernel developed at University of Karlsruhe.

  :'fiasco':
    L4/Fiasco kernel developed at University of Technology Dresden.

  :'sel4':
    seL4 microkernel ([https://sel4.systems/])

:'os':

  This directory contains the non-base OS components such as the init
  component, device drivers, and basic system services.

:'demo':

  This directory contains the source-code repository of various services and
  applications that we use for demonstration purposes. For example, a graphical
  application launcher called Launchpad and the Scout tutorial browser.

:'hello_tutorial':

  Tutorial for creating a simple client-server scenario with Genode. This
  repository includes documentation and the complete source code.

:'libports':

  This source-code repository contains ports of popular open-source libraries
  to Genode, most importantly the C library. The repository contains no
  upstream source code but means to download the code and adapt it to Genode.
  For instructions about how to use this mechanism, please consult the README
  file at the top level of the repository. Among the 3rd-party libraries are
  Qt5, freetype, ncurses, and Mesa.

:'dde_linux':

  This source-code repository contains the device driver environment for
  executing Linux subsystems as Genode components.

:'dde_ipxe':

  This source-code repository contains the device-driver environment for
  executing network drivers of the iPXE project.

:'dde_bsd':

  This source-code repository contains the device-driver environment for
  drivers of the OpenBSD operating system.

:'dde_rump':

  This source-code repository contains the port of rump kernels, which are
  used to execute subsystems of the NetBSD kernel as user level processes.
  The repository contains a server that uses a rump kernel to provide
  various NetBSD file systems to Genode.

:'pc':

  This source-code repository hosts device drivers that are specific for PC
  platforms. It depends on the 'dde_linux' repository.

:'ports':

  This source-code repository hosts ports of 3rd-party applications to
  Genode. The repository does not contain upstream source code but provides
  a mechanism for downloading the official source distributions and adapting
  them to the Genode environment. The used mechanism is roughly the same
  as used for the 'libports' repository. Please consult 'libports/README'
  for further information.

:'gems':

  This source-code repository contains Genode applications that use
  both native Genode interfaces as well as features of other high-level
  repositories, in particular shared libraries provided by 'libports'.